<?php
	require_once('LoginController.php');
	require_once('/database/database.php');
	require_once('/hash/hashConfig.php');
	require_once('/hash/PasswordHash.php');

	class LoginHandler {
		const EVERYTHING_WENT_BETTER_THEN_EXPECTED = 4;
		const USERNAME_DOSNT_EXIST = 5;
		const WRONG_PASSWORD = 6;
		
		private $m_login = 'loggedIn';
		private $m_db = null;
		
		public function __construct(Database $db) {
			$this->m_db = $db;
		}
		
		/**
		 * Check if user is logged in
		 * @return boolean
		 */
		public function IsLoggedIn() {
			if (isset($_SESSION[$this->m_login])) {
				return true;
			}
			return false;
		}

		/**
		 * @param string $user Username to try
		 * @param string $password Password to try
		 * @return boolean succesfull login
		 */
		public function DoLogin($user, $password) {
			$hash = null;
			$hasher = null;
			$hashConfig = null;
			$currentUser = $this->SelectUsername($user);
			
			if ($currentUser == $user) {
				$hash = $this->SelectPassword($user);
				
				$hashConfig = new hashConfig();
				$hasher = new PasswordHash($hashConfig);
				$success = $hasher->CheckPassword($password, $hash);
				
				if ($success) {
					$_SESSION[$this->m_login] = $user;
					return self::EVERYTHING_WENT_BETTER_THEN_EXPECTED;
				} else {
					return self::WRONG_PASSWORD;
				}
			} else {
				return self::USERNAME_DOSNT_EXIST;
			}
		}
		
		/**
		 * @param Database $db
		 * @param DBConfig $dbc
		 * @param String $user
		 * @return String Username
		 */
		private function SelectUsername($user) {			
			$sql = "SELECT Username FROM userid WHERE Username = ?";
			$stmt = $this->m_db->Prepare($sql);
			$stmt->bind_param("s", $user);
			
			return $this->m_db->SelectOne($stmt);
		}
		
		/**
		 * @param Database $db
		 * @param DBConifg @dbc
		 * @param string $user
		 * @return string Password
		 */
		private function SelectPassword($user) {
			$sql = "SELECT Password FROM userid WHERE Username = ?";
			$stmt = $this->m_db->Prepare($sql);
			$stmt->bind_param("s", $user);
			
			return $this->m_db->SelectOne($stmt);
		}
		
		/**
		 * Sets login status to false
		 */
		public function DoLogout() {
			if(isset($_SESSION[$this->m_login])) {
				$_SESSION[$this->m_login] = false;
			}
		}
		
		/**
		 * Echo test data
		 * @return boolean
		 */
		public static function Test() {
			$lh = new LoginHandler();
			
			$lh->DoLogOut();
			
			if($lh->IsLoggedIn()) {
				echo "IsLoggedIn eller DoLogout fungerar inte som de ska";
				return false;
			}
			
			if($lh->DoLogin('fel', 'fel')) {
				echo "DoLogin fungerar inte";
				return false;
			}
			
			if(!$lh->DoLogin('ratt', 'rattratt')) {
				echo "DoLogin fungerar inte";
				return false;
			}
			
			if(!$lh->IsLoggedIn()) {
				echo "IsLoggedIn fungerar inte";
				return false;
			}
			
			$lh->DoLogout();
			
			if($lh->DoLogin('ratt', 'fel')) {
				echo "DoLogin med rätt användarnamn och fel lösenord fungerar inte";
				return false;
			}
			
			return true;
		}
	}
?>